08-23-2011
Possible problem found
Hi All,
Thanks to everyone who contributed.
I tried to do an SSH and found that it is prompting that password has expired and needs to be changed again.
I changed password of that user but on SSH it again prompts to change password, so it appears that something is wrong with the profie of that user and needs to be looked at by our UNIX Admins.
Does anyone know what property can be looked at for this??
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi,
I have created some users on my new enviroment on sun solaris in the aptempt to create a .profile which I did. I must have done something wrong because when I try to connect to one of this users it says:no shell, connection closed. The only thing I can think is that in my .profile I inserted... (2 Replies)
Discussion started by: giulianob
2 Replies
2. UNIX for Advanced & Expert Users
Hey when trying to connect to a server using a key I get
sftp -o 'Port=22' -o'IdentityFile=/home/datatel/.ssh/id_dsa_xei' becker_xei@host Connecting to host...
ANGEL SFTP ServerConnection closed by host
Connection closed
Any ideas? (1 Reply)
Discussion started by: ed.browne
1 Replies
3. UNIX for Dummies Questions & Answers
Hi Everyone,
Good day.
Scenario:
2 unix servers -- A (SunOS) and B (AIX)
I have an ftp script to sftp 30 files from A to B which happen almost instantaneously i.e 30 sftp's happen at the same time.
Some of these sftp's fail with the following error:
ssh_exchange_identification: Connection... (1 Reply)
Discussion started by: jeevan_fimare
1 Replies
4. HP-UX
Hi,
Have anyone seen this problem, there is one remote side where their ftp connection to our server will always fail with connection closed by remote host and the second connection will be working.
is this an OS issue or network issue?
Thanks
Robert (4 Replies)
Discussion started by: robertngo
4 Replies
5. UNIX for Advanced & Expert Users
Hi
how can do why a process closed a connection?
# lsof -i tcp:8080
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
java 5851 tomcat 29u IPv6 73216185 TCP *:webcache (LISTEN)
# telnet localhost 8080
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).... (0 Replies)
Discussion started by: lain
0 Replies
6. HP-UX
I am trying to connect to my HP server from remote machine.
It gets connected but once credential are provided the connection is closed.
adroit:/home/seo/hitendra 32 ] telnet myserv1
Trying...
Connected to myserv1.
Escape character is '^]'.
Local flow control on
Telnet TERMINAL-SPEED... (4 Replies)
Discussion started by: hiten.r.chauhan
4 Replies
7. AIX
Hi i am trying to do ssh without password between 2 aix servers.
before i generate the keys, i am able to do the ssh & it is asking for password & i am able to login.
========================
# ssh 172.29.150.77
root@172.29.150.77's password:
========================
but when i generate rsa... (1 Reply)
Discussion started by: makarand.bhatka
1 Replies
8. UNIX for Advanced & Expert Users
Hi everybody,
I am running a program on a supercomputer via my personal computer through a ssh connection. My program take more than a day to run, so when I left work with my PC I stop the connection with the supercomputer and the program stop.
I am wondering if someone know how I can manage... (2 Replies)
Discussion started by: TomTomGre
2 Replies
9. UNIX for Dummies Questions & Answers
I'm trying to connect from Server A to Server B to transfer files from A to B. I'm using NUID A1 in Server A and NUID A2 in Server B. I have done the following the steps to setup password-less login.
1. Add the public key of A1 in A to the Authorized keys of A2 in B.
2. Add the public key of... (4 Replies)
Discussion started by: sanchid312
4 Replies
10. Shell Programming and Scripting
Hi,
I have a bash script which connects HP Vertica DB and executes few sql files in sequential manner. One sql file has commands related to one table(stage , base schema tables)and contains 7-8 commands such as creating temp table, inserting data into tables etc.
For few tables, which have high... (7 Replies)
Discussion started by: Dharmatheja
7 Replies
LEARN ABOUT DEBIAN
pam_ssh
PAM_SSH(8) BSD System Manager's Manual PAM_SSH(8)
NAME
pam_ssh -- authentication and session management with SSH private keys
DESCRIPTION
The SSH authentication service module for PAM, pam_ssh provides functionality for two PAM categories: authentication and session management.
SSH Authentication Module
The SSH authentication component verifies the identity of a user by prompting the user for a passphrase and verifying that it can decrypt at
least one of the user's SSH login keys using that passphrase.
The following options may be passed to the authentication module:
debug syslog(3) debugging information at LOG_DEBUG level.
use_first_pass If the authentication module is not the first in the stack, and a previous module obtained the user's password, then
that password is used to decrypt the user's SSH login keys. If this fails, then the authentication module returns
failure without prompting the user for a passphrase.
try_first_pass Similar to the use_first_pass option, except that if the previously obtained password fails to decrypt any of the SSH
login keys, then the user is prompted for an SSH passphrase.
try_first_pass has no effect if pam_ssh is the first module on the stack, or if no previous modules obtained the
user's password.
allow_blank_passphrase Allow SSH keys with no passphrase.
If neither use_first_pass nor try_first_pass is specified, pam_ssh will unconditionally ask for an SSH passphrase.
In addition to the above authentication procedure, all standard SSH keys (identity, id_rsa, id_dsa) for which the obtained password matches
will be decrypted.
SSH Session Management Module
The SSH session management component initiates sessions by starting an SSH agent, passing it any SSH login keys it decrypted during the
authentication phase, and sets the environment variables accordingly.
The SSH session management component terminates the session by killing the previously started SSH agent by sending it a SIGTERM.
The following options may be passed to the session management module:
debug syslog(3) debugging information at LOG_DEBUG level.
INFORMATION LEAKS
Be careful with the using the try_first_pass option when pam_ssh is the first authentication module because it will then leak information
about existing users without login keys: such users will not be asked for a specific SSH passphrase, whereas non-existing users and existing
users with login keys will be asked for a passphrase.
FILES
$HOME/.ssh/identity
$HOME/.ssh/id_rsa
$HOME/.ssh/id_dsa OpenSSH DSA/RSA keys decrypted by pam_ssh.
$HOME/.ssh/login-keys.d/ Location of (possibly symbolic links to) OpenSSH DSA/RSA keys used for authentication and decrypted by pam_ssh.
/var/log/auth.log Usual log file for syslog(3)
SEE ALSO
ssh-agent(1), syslog(3), pam.conf(5), pam(8).
AUTHORS
Andrew J. Korty <ajk@iu.edu> wrote pam_ssh. Dag-Erling Smorgrav wrote the original OpenPAM support code. Mark R V Murray wrote the original
version of this manual page. Jens Peter Secher introduced the login-key concept.
BSD
November 26, 2001 BSD